Security Specialist (Offensive) - Security Operations

ASOS.com Belfast, Northern Ireland, United Kingdom

Company Description
We’re ASOS, the online retailer for fashion lovers all around the world. We exist to give our customers the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you’re free to be your true self without judgement, and channel your creativity into a platform used by millions.

We’re proud members of Inclusive Companies, are Disability Confident Committed, and have signed the Business in the Community Race at Work Charter. We placed 8th in the Inclusive Top 50 Companies Employer list.

Please let our Talent team know if you need any adjustments throughout the process in whatever way works best for you.

The Details
ASOS is recruiting for an Offensive Security Specialist within the SOC, reporting to the SOC and IR Manager. This role leads offensive security assessments to strengthen our defenses, identifying security weaknesses, validating detection mechanisms, and providing actionable recommendations. You will contribute to continuous validation and improvement of security controls and detection capabilities.

Responsibilities include:

1. Threat Hunting: Proactively search for malicious activity within the network.
2. Penetration Testing: Simulate real-world attacks to test security controls.
3. Red Teaming: Conduct adversarial simulations to assess security posture.
4. Collaborate with Defensive Teams: Share insights and improve detection and response.
5. Develop Offensive Security Strategies: Design and implement risk mitigation strategies.
6. Monitor endpoints, contribute to incident resolution, and perform root cause analysis.
7. Malware Analysis and Investigation.
8. Contribute to processes and SOPs.
9. Mentor junior team members and promote cybersecurity awareness across departments.
10. Stay updated on cybersecurity threats and develop new analytic methods.
11. Participate in on-call rota for escalated security incidents.

• Availability for on-call shifts on a 4-week rota basis to ensure prompt response to emergencies.

About You

• Experience in ethical hacking, penetration testing, and red team methodologies.
• Knowledge of industry frameworks for threat simulation and defense.
• Ability to communicate technical findings clearly to both technical and non-technical audiences.
• Strong reporting and presentation skills.
• Problem-solving skills and a proactive, collaborative approach.
• Interpersonal skills to build relationships and influence stakeholders.
• Experience in threat detection and fine-tuning detection logic.
• Comfort with modern security tools and enterprise environments.
• Commitment to continuous learning and mentoring.

Benefits include:

• Employee discount
• Personal development opportunities
• Sample sales access
• LinkedIn Learning resources
• 25 days annual leave plus a celebration day
• Discretionary bonus scheme
• Private medical care

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industry: Retail